Governance and ethical conduct

Our approach

Downer and our stakeholders place a strong importance on governance and ethical conduct. This was reinforced in the outcomes of our materiality assessment conducted in 2021, where governance and ethical conduct ranked as Downer’s second-highest priority issue.

Downer’s approach to sustainability is underpinned by a robust corporate governance framework. This framework provides the platform from which Downer’s Board provides strategic direction for the responsible and sustainable growth of the company. It also drives a culture that promotes high ethical standards and personal integrity.

Under our governance framework, Downer’s management is accountable to the Board, and the Board is accountable to shareholders for the operations, performance and growth of the company. The primary goal the Board has set for management is to focus on enhancing shareholder value, which includes responsibility for Downer’s economic, environmental and social performance.

Our Board recognises the need for the highest standards of behaviour and, as such, endorses the ASX Corporate Governance Council’s Corporate Governance Principles and Recommendations (ASX Principles). Our Corporate Governance Statement for the year ending 30 June 2022 is included in our Annual Report.

Ensuring our governance and ethical standards are adhered to by our diverse supply chain remains a challenge, particularly around issues such as human rights and modern slavery, and data security.

For more information about our approach, please click here.

Our performance

The performance information in this section includes Downer’s Australian and New Zealand operations.

While Downer’s governance policies and procedures cover contractors and joint ventures, performance information in this section excludes these entities. To achieve Downer’s targets and objectives relating to Governance, Downer prioritised the following short-term focus areas in FY22, which we committed to in our 2021 Sustainability Report:

Focus area	Result	Reference
Continue to maintain and strengthen our governance of business integrity	✓	Whistleblower management training
Undertake a significant redesign of Downer’s Risk Appetite Statements that were approved by the Board in 2016	✓	Internal audit and risk
Continue to review our labour practices and supply chain through updates to our existing frameworks, policies and processes to take into consideration modern slavery, and release our FY21 Modern Slavery Statement in December 2021	✓	Modern slavery
Continue to progress The Downer Standard (TDS), including:Centralising Business Unit-specific process and capability documents within The Downer Standard Commencing implementation of The Downer Standard Mandate Defining and implementing a standard management review process Launching the Delivery Governance Management app in Australia to automate and simplify adherence to the Delivery Management Methodology	✓	The Downer Standard Delivery Management Methodology
Revise Downer’s Privacy Policy to ensure that standards for the collection, use and disclosure of personal information are maintained	✓	Privacy
Complete the roll-out of the training module on privacy	X	Privacy
Increase employee awareness around cybersecurity risks	✓	Cybersecurity
Continue to review our membership of peak bodies and industry associations	✓	Industry memberships and associations

Board structure

We understand the value of diversity on our Board and this is taken into consideration during the appointment process.

Internal audit and risk

In FY22, Downer’s Internal Audit and Risk function completed 19 internal audits comprising nine project reviews and 10 reviews of key business processes. Core matters that are typically audited include the validation of appropriate payment to our employees, suppliers and contractors. Additionally, implementing project/ contract management controls is a key risk that is continuously audited. This is to assure the implementation program and effectiveness of The Downer Standard.

The audits and reviews that relate to Downer’s material issues consisted of:

Payroll: The review centred on the automation of Enterprise Bargaining Agreements (EBAs), which enables interpretation of EBAs to support automated Payroll calculations. Minor findings were noted in relation to reducing build time and improving work instructions.
Purchase to pay: This review included an assessment of processes, data analytics and a survey of employees engaged in the process associated with the procure to pay cycle. A minor finding was noted in relation to supplier debit balances.
Hand-over and kick-off: This review was focused on the effectiveness of Downer’s processes and procedures when conducting hand-over and kick-off of projects. It included processes supporting the upfront identification of Zero Harm and environmental issues. The review confirmed areas where procedures could be rationalised, aspects where further training was required, and also contributed to the redesign of the Delivery Governance Leadership (formerly Project Board) program.
Project reviews: Nine individual project reviews were conducted. Each assessed the project’s processes in accordance with The Downer Standard to manage risk including safety and environment requirements.

In addition, Downer completed a review of its Risk Appetite Standard. The Risk Appetite Standard was approved by the Audit and Risk Committee in December 2021. It outlines the parameters that the Group is willing to pursue and is tracked for Board member reference. A cornerstone of the Standard is the contract-specific parameters that define the opportunity’s pursual approach across the elements of contract model, payment framework, customer and scope. Contracts that do not meet the Standard require the most senior approval and reporting to the Board.

Financial and Corporate Governance Self-Assessment

Downer conducted two Financial and Corporate Governance Self-Assessment (FCGSA) surveys in FY22, with 245 senior executives completing the first, and 216 completing the second, both of which had 100 per cent completion rates. The number of senior managers who completed the surveys in FY22 was less than previous years. This is a result of business restructuring, including divestments, during FY22.

Timely, honest and transparent disclosures

In FY22, Downer made 165 announcements and disclosures via the ASX and NZX. Of these, 10 were Director’s interest disclosures and 117 related to Downer’s on-market-buy-back which was announced on 27 April 2021 and continued into FY22. There were no breaches of continuous disclosure and Downer is unaware of any substantial complaints regarding breaches of privacy or other matters by customers or other stakeholders.

Political donations

In FY22, Downer made a total of $13,000 in political donations to the major parties through participation in industry forums. Donations were made to the Liberal National Party ($5,000) and the Labor Party ($8,000).

Insider trading

There were no reported breaches of the Securities Trading Policy in FY22.

Anti-competitive behaviour

There were no breaches or litigation associated with anticompetitive behaviour brought to Downer’s attention in FY22.

Anti-bribery and corruption

There were no breaches or litigation associated with anti-bribery and corruption brought to Downer’s attention in FY22.

Whistleblower management training

In FY22, Downer strengthened our governance of business integrity through continuing training on Downer’s policies and practices for the management of whistleblower reports. 75 employees completed the training in FY22. In addition, Downer revised our Business Integrity Policy in FY22, with minor updates.

The Downer Standard

The Downer Standard (TDS) is Downer’s proprietary Integrated Management System that defines the way we work and deliver for our customers. The Downer Standard is closely aligned to Downer’s Purpose, Promise and Pillars, and covers our core business processes including Customer Planning and Engagement, Opportunity and Bid Management, Delivery Management, Asset Management, Business Services, Corporate Affairs, Company Secretariat, Finance, Human Resources, Information Technology, Legal and Insurance, Plant and Light Vehicles, Procurement, Property, Quality, Risk, and Zero Harm.

The Downer Standard sits across each functional and operational area of Downer to ensure a standardised approach to business planning, operational and functional delivery, reporting, monitoring and decision making. The Downer Standard:

Provides a structure for governing and sustaining core and BU-specific processes and capabilities
Is embedded into Downer delivery management processes and tools to ensure consistent service delivery and customer engagement
Acts as a vehicle for sharing knowledge and best practice
Establishes a framework for quality assurance via single certification to international management standards (ISO 45001 – Safety, 9001 – Quality and 14001 – Environment)
Includes an assurance framework and verification strategy with comprehensive audit and reporting processes
Provides a backbone for learning and professional development
Includes a standard management review process
Supports the rapid integration of new acquisitions,mergers and joint ventures
Enables a culture of continuous improvement and customer centricity.

The Downer Standard Leadership Team, chaired by the Group Chief Operating Officer, provides oversight and champions the adoption and continuous improvement of The Downer Standard across the Downer Group.

The Downer Standard aids Downer in meeting its legislative compliance requirements.

Delivery Management Methodology

The Delivery Management Methodology Implementation Program commenced mid-2021 with a focus on further embedding The Downer Standard into Downer’s delivery practices.

Over many decades, Downer has built up and refined an enviable library of experience in the delivery of projects and services. This experience has been consolidated into Downer’s Delivery Management Methodology, which is based on The Downer Standard for Delivery Management.

The Delivery Management Methodology sets out the ‘Downer way’ of delivering projects and contracts – the procedures, processes and tools that are designed to make the way we deliver work consistent and repeatable, which provides certainty and value for money for our customers.

The methodology covers all phases of a contract – from mobilisation and delivery, through to the completion of a project or contract.

The fundamentals of the Delivery Management Methodology are built around a defined criteria/category assigned to a project or contract, which is based on the complexity of the work involved, which includes the following key criteria:

1. Contract value

2. Type of contract

3. Level of design responsibility

4. Risk class evaluation.

Once a project or contract is categorised, it follows the five phases of the Delivery Management Methodology:

1. Hand-over and kick-off

2. Plan Day 1 readiness

3. Prepare Day 1 readiness

4. Execute, monitor, control

5. Close-out and capture lessons learned.

The continuous use and ongoing refinement of the Delivery Management Methodology ensures a strong handover and transfer of knowledge across the project/contract delivery lifecycle. It is based on a proven method of managing projects and contracts, and can be tailored to meet business-specific capabilities and customer or legislative requirements.

This ensures a consistent and reliable outcome, which ultimately benefits our people, suppliers, customers and shareholders.

Delivery Governance Management solution

Downer has identified key governance activities from the Delivery Management Methodology that enable delivery teams to build a strong foundation of governance in accordance with The Downer Standard, which sets them up for success.

These activities link to Delivery Management Methodology processes, which are housed in The Downer Standard, and comprise part of an application called the Delivery Governance Management solution.

The Delivery Governance Management solution is developed on Microsoft platforms, and helps our people guide, track and monitor the key governance activities across the Delivery Management Methodology, ensuring the project remains on track and in accordance with Delivery Management Methodology governance requirements, throughout delivery of the project/contract.

The Delivery Governance Management solution sets out to achieve a balance between allowing governance to be dynamic, in order to meet the varying project or contract requirements, while also applying set controls that are visible and measurable and enable successful delivery of work.

Delivery Management Learning Pathways

The Delivery Management Methodology Implementation Program includes a dedicated Delivery Management Learning Pathways program, which aims to provide our people with a universal understanding of:

Application of The Downer Standard
Implementation of the Delivery Management Methodology
Operation of the Delivery Governance Management.

These structured learning pathways upskill Operational Leaders and Delivery Practitioners, and equip them with processes and procedures to manage and govern the delivery of work. The Delivery Management Learning Pathways program has been tailored to suit employees ranging from new starters to experienced delivery professionals, providing them with the knowledge and skills to apply The Downer Standard and Delivery Management Methodology, familiarise themselves with the Delivery Governance Management and ensure successful delivery outcomes for both customers and Downer.

Human rights

Downer is committed to respecting the human rights of all our employees – and every person within our supply chain. Human rights are addressed in various sections of this Sustainability Report, as well as other Downer reports.

Human rights issue		Reference
Sex/age/disability/racial discrimination of the workforce		Governance and ethical conduct Organisational culture and sexual harassment People Inclusion and belonging
Human rights abuses in our supply chain		Downer Modern Slavery Statement 2021 Governance and ethical conduct Modern slavery
Employment programs for disadvantaged groups		People Opportunities for culturally diverse people THRIVE program Walu employment program
Supporting Indigenous charities		Relationships Corporate partnerships
Domestic violence Violence and aggression in the workplace		Health and Safety Managing public aggression Relationships Workplace giving program

Modern Slavery

We will not tolerate any form of modern slavery in our operations and supply chain. Downer believes our exposure to the risk of modern slavery in the labour force within our operations is low. In FY22, 97 per cent of our $7 billion Tier 1 supply chain spend was in Australia and New Zealand. We believe our exposure to modern slavery risks in our supply chain will reduce further with the divestment of our Mining business and subsequent reduction in supply from medium and high risk countries. Over the past 12 months, Downer has brought its sustainable sourcing practices into focus.

In support of this focus we met the following deliverables:

Endorsement of Group Procurement Strategy, inclusive of sustainable procurement initiatives that align with our Group goals and objectives
Completion of Procurement Operating Model review to support best practice sustainable sourcing and identify gaps
Delivery of Sustainable Procurement current state and future state review, including a modern slavery risk framework.

We have adopted recommendations from both the Procurement Operating Model and Sustainable Procurement reviews, which include:

Recruitment of a dedicated Sustainable Sourcing Manager, who will create focus on sustainable sourcing practices
Restructure of the Procurement function in order to support the Group’s sustainability goals and objectives
Adoption of a deliberate, targeted approach to assess modern slavery risk within our operations and supply chain.

Our specific focus on modern slavery risk has led us to improve our processes and internal reporting controls. Given our large supply chain, it is necessary to identify and predict the occurrence of modern slavery using a number of geographic and classification risk indicators. A central repository of information underpins our efforts to manage communications and monitor high risk suppliers.

We have commenced international supplier audits and are specifically working with our solar suppliers to identify modern slavery risks that may exist in this sector.

Within Downer, we have commenced an education and awareness program to support our business to identify any risk of modern slavery in our operations and supply chain. We have increased modern slavery awareness by updating companywide process documentation to create additional stage gates for our business to assess modern slavery risks.

We continue to review our supplier onboarding processes and tooling to ensure that the appropriate level of due diligence is performed prior to and during a supplier’s engagement.

Downer released its FY21 Modern Slavery Statement in December 2021.

Downer will leverage its understanding of modern slavery to support new legislation in New Zealand coming into effect in FY23.

Privacy

In FY22, Downer revised our Privacy Policy to ensure we maintain the highest standards for the collection, use and disclosure of personal information. Downer had aimed to roll-out an internal training module on privacy in FY22. The roll-out has been delayed, and will be deployed in FY23.

Cybersecurity

Downer continues to invest heavily in cybersecurity to protect against evolving cyber threats and risks.

The nature and frequency of these cyber risks has coincided with the security implications of COVID-19, remote working and, more recently, the war in Ukraine. Cyberattacks against government entities, large private companies, third-party contractors and supply chain organisations have continued to increase in both scale and sophistication.

A surge in ransomware attacks globally has seen many high profile attacks over the past 12 months causing disruption to supply chains, and incurring financial loss and reputational harm. Downer is committed to demonstrating credibility and trust through secure cyber stewardship and custody of our customer data. We also maintain alignment with our risk appetite through cost-effective initiatives and measures. Downer has delivered accelerated Cybersecurity Risk Mitigation programs, which have resulted in:

A revised security strategy that reflects the current threat landscape and establishes our cybersecurity principles and Cybersecurity Risk Management framework
Matured security capabilities, and the implementation of a new security operating model that includes new roles and processes
Enhanced operational resilience via implementation of the recommendations and learnings from security incident reviews, including remediation of vulnerabilities in our environment as a result of legacy technology and assets
Sustained progress towards achieving ISO 27001 Information Security Management System compliance and implementation of the Essential Eight cybersecurity risk mitigation strategies. This has included revising and updating our IT standards and procedures, applicable to all Downer employees and contractors.

The Downer information security risk management program is aligned to ISO 31000 and operates in accordance with the Group-wide Risk Management Standard. The Audit and Risk Committee is responsible for overseeing the risk associated with information security. Senior leadership brief the Board and Audit and Risk Committee on cyber and information technology risks on a quarterly basis.

We also recognise our responsibility within our supply chain, and will continue to work closely with our partners, critical asset owners and customers to maintain confidentiality, integrity and availability of their data.

To strengthen our protection against cyber risks, in April 2022, Downer rolled-out mandatory cybersecurity awareness training to all employees, which provided information on the steps to take to keep our business, customers and personal data safe. The training module had a 100 per cent completion rate.

Sustainability performance related remuneration

Downer’s remuneration framework for key senior employees has been successful in creating alignment between senior Executives and shareholders. Executive remuneration has a fixed component and a component that varies with performance. Performance is assessed annually for periods covering one year and three years. Payment for performance assessed over one year is a Short-Term Incentive (STI). Payment for performance over a three-year period is a Long-Term Incentive (LTI).

Standard of Business Conduct

In FY22, Downer continued to roll out our Standards of Business Conduct training and Workplace Behaviour training, with 11,835 employees completing the module.

Business resilience

Downer defines business resilience as the ability of the organisation to adapt to disruptions while maintaining continuous operations and safeguarding our people, assets and overall brand reputation.

Downer has been a trusted, reliable and resilient organisation for over 150 years. For Downer, business resilience is more than just financial resilience – it relates to the resilience of our people, systems and relationships with our stakeholders.

In recent years, like other organisations, Downer has had to adapt and respond to the COVID-19 pandemic, extreme weather events and geopolitical issues, which have caused increased global uncertainty and resulted in material cost increases, higher energy prices, supply chain disruptions and skilled labour shortages.

Downer’s business model has been tested by the cumulative nature of these events, and has demonstrated resilience.

These events have reinforced the importance that Downer places on its commitment to strengthening the resilience of its people, systems, and supply chain to continue to deliver leading services to its customers and the community.

Downer’s Urban Services strategy seeks to maintain this resilience by focusing on businesses with predictable revenue, cash flows and attractive medium-term and long-term growth opportunities.

In FY22, Downer has undertaken the following initiatives to strengthen its business resilience:

Undertaking a comprehensive climate-related risk assessment of Downer’s fixed assets, key sites and locations to assess their resilience to the physical impacts of climate change, such as extreme heat, bushfires, and severe weather events (for example, intense rainfall, storms, lightning and cyclones). For further information, refer to Downer’s Climate Change Report, to be released in FY23
Refined Downer’s Business Continuity Plans, as well as our systems and processes to strengthen the organisation’s resilience to any future disruptions. For example, if one of our Road Services asphalt plants is taken offline due to flooding or a bushfire, we can produce asphalt from one of our nearby plants to meet our customers’ needs
Investing in our people by providing training opportunities for career development and personal growth, as well as welfare support programs such as Mental Health First Aid, and our Employee Assistance Program
Spending considerable time and investment equipping our systems and employees/contractors with the tools to enable efficient, flexible work
Reviewing and updating COVIDSafe plans, risk assessments and Business Continuity Plans as Public Health response shifted from a low-transmission pandemic to a hightransmission endemic environment
Focusing on workforce attraction and retention and programs to develop Downer’s talent and capability from within
Building resilience in our supply chain through onboarding new and local suppliers to provide contingency with procured goods and services, and ensure supply agreements have adequate mechanisms to deal with disruptions
Reviewing and monitoring contracts to ensure Downer has adequate protection/adjustment mechanisms for price movements (for example, material costs and availability, and labour cost divergence) and supply chain uncertainty.

Industry memberships and associations

Downer is a member of various peak industry bodies and organisations which influence policies on sustainability across industries. Some of these include:

Asset Management Council
Australian Constructors Association
Australian Climate Leaders Coalition
Australian Council of Recycling
Australian Flexible Pavement Association
Australian Hydrogen Council
Australian Industry Group
Business Council for Sustainable Development Australia
Business Council of Australia
Civil Contractors Federation
Civil Contractors New Zealand
Clean Energy Council
Construction Sector Accord (NZ)
Infrastructure Partnerships Australia
Infrastructure Sustainability Council
Institution of Professional Engineers New Zealand
New Zealand Climate Leaders Coalition
Responsible Construction Leadership Group
Supply Chain Sustainability School
Sustainable Business Council of New Zealand.

Our future focus

Downer understands that, just as our business and customers are evolving, our governance structure must also evolve. We are committed to continuously improving our governance processes and policies to ensure the highest standards of corporate behaviour.

In FY23, Downer will:

Broaden awareness and education within our business and supply chain around modern slavery risks
Roll out internal training module on privacy
Roll out a new campaign called ‘Respect at Work’ aimed at respecting each other’s rights, addressing legislative changes to the Sex Discrimination Act and Fair Work Act (Australia) and providing a psychologically safe workplace
Continue to embed the Delivery Management Methodology by implementing tailored learning pathways for Operational Leaders and Delivery Practitioners
Embed the Delivery Governance Management solution to ensure consistent application of the Delivery Management Methodology and visible tracking and reporting for our managers
Update The Downer Standard SharePoint site to address external audit recommendations
Enhance Business Unit cyclical reporting through the lens of The Downer Standard, aligned to our Risk Appetite Standard
Develop a more robust and consistent Opportunity and Bid governance process.

Emerging issues and market trends

Organisational culture and sexual harassment

Organisational culture and sexual harassment Organisational culture, and in particular sexual and sex-based harassment in the workplace, has been a highly publicised issue in recent years, following campaigns such as #MeToo and #LetHerSpeak.

In 2020, the Australian Human Rights Commission published a report following an inquiry into sexual harassment in Australian workplaces. The report, called Respect@Work, made recommendations to the Federal government regarding changes to laws and regulations designed to improve the process for complainants and strengthen legal protection against being subjected to sexual harassment and sex-based harassment. The Federal government has adopted these recommendations, and further changes will likely be made, including additional obligations for employers to prevent sexual harassment and sex-based harassment in workplaces.

Downer recognises the importance of an organisational culture that fosters a safe and harassment-free work environment for our people. Accordingly, Downer’s Anti-Discrimination, Harassment and Bullying Policy and Standards of Business Conduct set high expectations for how our Directors, employees and contractors, as well as agents of Downer and its subsidiary companies, conduct themselves when representing Downer. These policies make it unequivocally clear that unlawful discrimination, sexual harassment, and bullying are unacceptable and will not be tolerated.

In FY22, Downer developed a strategy to further a workplace environment where sexual harassment and sex-based harassment are actively prevented, where employees feel safe raising complaints, and feel confident that any complaint will be dealt with in an appropriate way.

This strategy will focus on the following key areas:

Systems – including policies and procedures, reporting, investigation, training and support
Culture – including awareness, education, leadership and initiatives designed to promote and improve dignity and respect
Risks – including identification and mitigation of workplace and compliance risks.